On Saturday, June 23, 2018 at 2:26:55 PM UTC-4, Gael Pasgrimaud wrote: > > It's like basic auth but use tokens in the Authorization headers instead > of base64(user:pass). It's a bit more secure... JWT token may also > contains > some extra data (user infos, api scope, etc.) but those are encrypted > using > public/private keys. I don't know much about bearer. >
A "Bearer Token" is the common type of "Access Token" in oAuth2 and used by many APIs. In oAuth2, a client often authenticates with a key+secret and is issued a "Bearer Token" in return. The "Bearer Token" is then sent in the HTTPS headers, and can be invalidated from the authorizing application. -- You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/pylons-discuss/fef1352a-3071-4a09-a919-331e393d52b3%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
